SY0-501 Exam Details

  • Exam Code: SY0-501
  • Exam Name: CompTIA Security+
  • Certification: CompTIA Certifications
  • Vendor: CompTIA
  • Total Questions: 1423 Q&As
  • Last Updated: Sep 04, 2023

CompTIA SY0-501 Online Questions & Answers

  • Question 771:

    After being alerted to potential anomalous activity related to trivial DNS lookups, a security analyst looks at the following output of implemented firewall rules:

    The analyst notices that the expected policy has no hit count for the day. Which of the following MOST likely occurred?

    A. Data execution prevention is enabled.
    B. The VLAN is not trunked properly.
    C. There is a policy violation for DNS lookups.
    D. The firewall policy is misconfigured.

  • Question 772:

    Which of the following BEST describes the concept of perfect forward secrecy?

    A. Using quantum random number generation to make decryption effectively impossible
    B. Preventing cryptographic reuse so a compromise of one operation does not affect other operations
    C. Implementing elliptic curve cryptographic algorithms with true random numbers
    D. The use of NDAs and policy controls to prevent disclosure of company secrets

  • Question 773:

    A Chief Information Security Officer (CISO) has tasked a security analyst with assessing the security posture of an organization and which internal factors would contribute to a security compromise. The analyst performs a walk-through of the organization and discovers there are multiple instances of unlabeled optical media on office desks. Employees in the vicinity either do not claim ownership or disavow any knowledge concerning who owns the media.

    Which of the following is the MOST immediate action to be taken?

    A. Confiscate the media and dispose of it in a secure manner as per company policy.
    B. Confiscate the media, insert it into a computer, find out what is on the disc, and then label it and return it to where it was found.
    C. Confiscate the media and wait for the owner to claim it. If it is not claimed within one month, shred it.
    D. Confiscate the media, insert it into a computer, make a copy of the disc, and then return the original to where it was found.

  • Question 774:

    A systems administrator has created network file shares for each department with associated security groups for each role within the organization. Which of the following security concepts is the systems administrator implementing?

    A. Separation of duties
    B. Permission auditing
    C. Least privilege
    D. Standard naming convention

  • Question 775:

    A company is currently using the following configuration:

    1. IAS server with certificate-based EAP-PEAP and MSCHAP
    2. Unencrypted authentication via PAP

    A security administrator needs to configure a new wireless setup with the following configurations:

    1. PAP authentication method
    2. PEAP and EAP provide two-factor authentication

    Which of the following forms of authentication are being used? (Select two.)

    A. PAP
    B. PEAP
    C. MSCHAP
    D. PEAP-MSCHAP
    E. EAP
    F. EAP-PEAP

  • Question 776:

    Many employees are receiving email messages similar to the one shown below:

    From: IT department
    To: employee
    Subject: email quota exceeded

    Please click on the following link http://www.website.info/email.php?quota=1Gb and provide your username and password to increase your email quota.

    Upon reviewing other similar emails, the security administrator realized that all the phishing URLs have the following common elements: they all use HTTP, they all come from .info domains, and they all contain the same URI. Which of the following should the security administrator configure on the corporate content filter to prevent users from accessing the phishing URL, while at the same time minimizing false positives?

    A. BLOCK http://www.*.info/"
    B. DROP http://"website.info/email.php?*
    C. Redirect http://www.*.Info/email.php?quota=* TO http://company.com/corporate_polict.html
    D. DENY http://*.info/email.php?quota=1Gb

  • Question 777:

    An auditor is performing an assessment of a security appliance with an embedded OS that was vulnerable during the last two assessments. Which of the following BEST explains the appliance's vulnerable state?

    A. The system was configured with weak default security settings.
    B. The device uses weak encryption ciphers.
    C. The vendor has not supplied a patch for the appliance.
    D. The appliance requires administrative credentials for the assessment.

  • Question 778:

    Which of the following is used to encrypt web application data?

    A. MD5
    B. AES
    C. SHA
    D. DHA

  • Question 779:

    During a recent audit, it was discovered that many services and desktops were missing security patches. Which of the following BEST describes the assessment that was performed to discover this issue?

    A. Network mapping
    B. Vulnerability scan
    C. Port Scan
    D. Protocol analysis

  • Question 780:

    A security administrator suspects a MITM attack aimed at impersonating the default gateway is underway. Which of the following tools should the administrator use to detect this attack? (Select two.)

    A. Ping
    B. Ipconfig
    C. Tracert
    D. Netstat
    E. Dig
    F. Nslookup
